Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/DY4ls6UOhvWECfSZZCwDuvFCeG4.roa
File: DY4ls6UOhvWECfSZZCwDuvFCeG4.roa (raw, json)
Hash identifier: YjRKFIpHXPJrGoC1gCDV4/v8+ZCjo+zpORzTCUYKQsY=
Subject key identifier: 0D:8E:25:B3:A5:0E:86:F5:84:09:F4:99:64:2C:03:BA:F1:42:78:6E
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0195805BD911DBB0CF6A031E6394ED5C35EF
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/DY4ls6UOhvWECfSZZCwDuvFCeG4.roa
Signing time: Mon 10 Mar 2025 14:00:57 +0000
ROA not before: Mon 10 Mar 2025 14:00:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59623
IP address blocks: 178.239.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 14:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:5b:d9:11:db:b0:cf:6a:03:1e:63:94:ed:5c:35:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Mar 10 14:00:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d8e25b3a50e86f58409f499642c03baf142786e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:55:c3:ec:43:ae:ee:11:8e:6f:67:44:51:0f:
59:3b:a6:e4:54:ea:0c:f7:e0:32:97:ec:81:f0:b3:
f5:66:c9:3e:0f:c8:ab:69:fc:be:79:48:29:9e:1c:
27:74:3f:14:99:58:41:f7:df:9e:6d:77:67:78:c0:
cf:c1:60:26:6d:79:04:be:b4:fb:7c:ec:8c:d1:ef:
dd:eb:77:e7:46:f6:56:d8:e6:27:20:43:aa:21:27:
f3:c1:66:76:07:1e:98:00:bd:a5:91:46:fe:b7:8c:
8f:43:79:1a:81:fc:53:2f:b0:6f:26:49:1c:0c:35:
dd:a7:31:25:2e:f2:de:ae:f4:cd:14:b6:d9:96:22:
81:67:e0:a1:20:38:54:ab:d0:4a:5e:41:08:c4:87:
f4:08:71:d1:62:6d:f9:1d:ef:31:93:83:df:49:34:
6e:2a:50:08:c5:f0:b8:c7:ac:23:dc:94:c6:84:c0:
a9:a7:03:29:14:78:d8:34:1a:4a:d8:7e:ec:b8:68:
19:47:c4:a5:d0:9c:f0:7e:59:03:62:c9:90:f6:3e:
3e:46:b5:11:ca:b6:9f:14:4c:80:21:73:68:f1:75:
f1:7a:2c:34:01:94:c1:61:bf:5b:63:20:19:86:88:
39:0b:ca:cb:36:5a:71:d6:b6:e0:0c:4b:52:42:ef:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8E:25:B3:A5:0E:86:F5:84:09:F4:99:64:2C:03:BA:F1:42:78:6E
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/DY4ls6UOhvWECfSZZCwDuvFCeG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.147.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:2e:79:16:84:68:a1:f4:43:2a:76:1d:b4:a6:7c:ce:eb:ff:
71:20:9f:8c:f2:43:2a:d3:6f:5b:ac:11:a3:5d:0b:2c:38:68:
20:98:0e:de:0a:91:44:1c:b1:a5:89:f3:7e:06:0b:c9:7d:a1:
91:62:26:03:f5:f3:a5:cf:6c:56:1c:b6:47:1a:27:6e:10:8d:
72:20:8b:e8:45:d5:5e:a5:3b:e6:b6:be:b9:80:dc:65:06:20:
e2:82:f0:e4:33:a7:c5:ec:5c:a8:b6:3d:df:1c:e4:b7:55:f0:
fc:4d:68:a1:70:c4:00:f6:ea:1c:3d:7e:62:79:c6:63:ff:a8:
56:62:7a:be:23:03:9c:39:4d:fe:e1:60:62:46:31:09:f8:82:
44:74:88:56:b7:19:89:31:dc:53:22:eb:6c:5d:7e:e1:23:64:
f2:5b:6f:ed:2f:92:87:f0:db:89:0f:35:e9:4f:41:1e:c5:53:
ca:08:b1:32:4c:22:c9:2b:e4:4f:c1:66:69:58:06:85:2b:0a:
36:af:d5:a4:9c:14:0c:74:b3:7a:1f:c0:06:74:d1:66:14:ee:
15:7b:2e:58:97:d0:92:5e:6b:87:21:39:bd:c6:59:74:b9:a5:
48:e4:9f:99:31:8e:44:98:50:35:51:15:37:89:19:dd:24:a6:
3f:6a:66:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWAW9kR27DPagMeY5TtXDXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwMzEwMTQwMDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhlMjViM2E1MGU4NmY1ODQwOWY0OTk2NDJjMDNiYWYxNDI3ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVXD7EOu7hGOb2dEUQ9ZO6bkVOoM
9+Ayl+yB8LP1Zsk+D8irafy+eUgpnhwndD8UmVhB99+ebXdneMDPwWAmbXkEvrT7
fOyM0e/d63fnRvZW2OYnIEOqISfzwWZ2Bx6YAL2lkUb+t4yPQ3kagfxTL7BvJkkc
DDXdpzElLvLervTNFLbZliKBZ+ChIDhUq9BKXkEIxIf0CHHRYm35He8xk4PfSTRu
KlAIxfC4x6wj3JTGhMCppwMpFHjYNBpK2H7suGgZR8Sl0JzwflkDYsmQ9j4+RrUR
yrafFEyAIXNo8XXxeiw0AZTBYb9bYyAZhog5C8rLNlpx1rbgDEtSQu8tMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2OJbOlDob1hAn0mWQsA7rxQnhuMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvRFk0bHM2VU9odldFQ2ZTWlpDd0R1dkZDZUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu+TMA0G
CSqGSIb3DQEBCwUAA4IBAQC6LnkWhGih9EMqdh20pnzO6/9xIJ+M8kMq029brBGj
XQssOGggmA7eCpFEHLGlifN+BgvJfaGRYiYD9fOlz2xWHLZHGiduEI1yIIvoRdVe
pTvmtr65gNxlBiDigvDkM6fF7Fyotj3fHOS3VfD8TWihcMQA9uocPX5iecZj/6hW
Ynq+IwOcOU3+4WBiRjEJ+IJEdIhWtxmJMdxTIutsXX7hI2TyW2/tL5KH8NuJDzXp
T0EexVPKCLEyTCLJK+RPwWZpWAaFKwo2r9WknBQMdLN6H8AGdNFmFO4Vey5Yl9CS
XmuHITm9xll0uaVI5J+ZMY5EmFA1URU3iRndJKY/amaW
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:29:09 2025 by rpki-client